Top Banner
CISO MAG | May 2018 1 Volume 2 | Issue 4 | May 2018
7

Volume 2 | Issue 4 | May 2018 · 2019. 10. 7. · Rahul Arora [email protected] Senior Feature Writer Augustin Kurian ... Education Partner ACCREDITED. FLEXIBLE. ONLINE. Startup

Oct 05, 2020

Download

Documents

dariahiddleston
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: Volume 2 | Issue 4 | May 2018 · 2019. 10. 7. · Rahul Arora rahul.arora@eccouncil.org Senior Feature Writer Augustin Kurian ... Education Partner ACCREDITED. FLEXIBLE. ONLINE. Startup

CISO MAG | May 2018

Volume 2 | Issue 4

1PB

Volume 2 | Issue 4 | May 2018

Page 2: Volume 2 | Issue 4 | May 2018 · 2019. 10. 7. · Rahul Arora rahul.arora@eccouncil.org Senior Feature Writer Augustin Kurian ... Education Partner ACCREDITED. FLEXIBLE. ONLINE. Startup

CISO MAG | May 2018 CISO MAG | May 2018

Volume 2 | Issue 4Volume 2 | Issue 4

32

Page 3: Volume 2 | Issue 4 | May 2018 · 2019. 10. 7. · Rahul Arora rahul.arora@eccouncil.org Senior Feature Writer Augustin Kurian ... Education Partner ACCREDITED. FLEXIBLE. ONLINE. Startup

CISO MAG | May 2018 CISO MAG | May 2018

Volume 2 | Issue 4Volume 2 | Issue 4

54

INDEX

CISO MAG | May 2018 CISO MAG | May 2018

Volume 2 | Issue 4Volume 2 | Issue 4

2120

COVER STORY

2120

GDPRand the Leadership Overload How, why, and when to hire that interim CISO.

Chris RobertsChief Security Architect, Acalvio Technologies

COVER STORY

08BUZZIt’s Time for GDPR

46TABLE TALKJustin DollyEVP, Chief Security Officer & CIO, Malwarebytes

16COVER STORYGDPR and the Leadership Overload

24UNDER THE SPOTLIGHTJuan Carlos Lopez RuggieroCSO Healthcare EMEA, DXC Technology

32INSIGHTGDPR: An Opportunity in Disguise

40COLLABORATIONSInfosec Partnerships

54IN THE NEWSTop Stories from the Cybersecurity World

60IN THE HOTSEATHigh-Profile Appointments in the Cybersecurity World

64KICKSTARTERSStartups Making Waves in the Cybersecurity World

16

24

32

46

Volume 2 | Issue 4May 2018

EditorialInternational EditorAmber Pedroncelli

[email protected]

Senior EditorRahul Arora

[email protected]

Senior Feature WriterAugustin Kurian

[email protected]

Media and DesignMedia Director

Saba [email protected]

Design Head and VisualizerMSH Rabbani

[email protected]

DesignerJeevana Rao Jinaga

[email protected]

ManagementExecutive DirectorApoorba Kumar*

[email protected]

Senior Director, Compliance & Governance

Cherylann [email protected]

Marketing & SalesGeneral ManagerMeghana Vyas

[email protected]

Marketing ManagerPooja Saga

[email protected]

Sales Manager - IndiaBasant Das

[email protected]

Sales Manager - North AmericaJessica Johnson

[email protected]

TechnologyDirector of Technology

Raj Kumar [email protected]

If you work in information security and are not living under a rock, you would know that General Data Protection Regulation (GDPR) goes into force in the European Union on May 25, 2018.

Four years in the making, this initiative endeavors to harmonize data protection legislation across the European Economic Area (EEA) and give individuals better control over their personal data.

With the GDPR upon us, the stakes are higher than ever. Organizations can ill afford to procrastinate on GDPR compliance. Our cover story written by Chris Roberts discusses how, when, and why you should hire that interim CISO, who can safeguard the business and manage risk during GDPR transition.

Our Insight section interprets how GDPR can be a great opportunity for information technology businesses in India, as they look to enhance their security posture. In our Buzz section, we discuss how well different economies are prepared for GDPR, the stakes for C-level executives, and the global impacts we can expect from the regulation.

We also interview Juan Carlos Lopez Ruggiero, an advisor on GDPR, who busts a few myths regarding the GDPR and discusses its implications on the European economy. There are a host of other informative features that look at cybersecurity from an all-encompassing perspective.

Tell us what you think of this issue. If you have any suggestions, comments, or queries, please reach us at [email protected].

Jay BavisiEditor-in-Chief

* Responsible for selection of news under PRB Act. Printed & Published by Apoorba Kumar, E-Commerce Consultants Pvt. Ltd., Editor: Rahul Arora.The publishers regret that they cannot accept liability for errors & omissions contained in this publication, howsoever caused. The opinion & views contained in this publication are not necessarily those of the publisher. Readers are advised to seek specialist advice before acting on the information contained in the publication which is provided for general use & may not be appropriate for the readers’ particular circumstances. The ownership of trade marks is acknowledged. No part of this publication or any part of the contents thereof may be reproduced, stored in a retrieval system, or transmitted in any form without the permission of the publishers in writing.

Page 4: Volume 2 | Issue 4 | May 2018 · 2019. 10. 7. · Rahul Arora rahul.arora@eccouncil.org Senior Feature Writer Augustin Kurian ... Education Partner ACCREDITED. FLEXIBLE. ONLINE. Startup

CISO MAG | May 2018 CISO MAG | May 2018

Volume 2 | Issue 4Volume 2 | Issue 4

76

07th - 08th June 2018Grand Hyatt, Mumbai

PARTNERS / SPONSORS

CONTACTSpeaking Opportunities

Jyoti [email protected]

+91-99636-54422

Alliances & Delegate Registrations

Rakesh [email protected]

+91-79778-28905

Sponsorship & TrainingsRenaldo [email protected]

+91-79955-64887

04th - 07th June 2018Grand Hyatt, Mumbai

TRAINING DATESC CISOTM

Certified Chief Information Security Officer

State Partners

https://ciso.eccouncil.org/portfolio/4th-edition-ciso-summit/

CertifiedEC-Council

ASecurity Analyst

TM

CE S

Gold Partners

SEQURETEK

SIMPLIFY SECURITY

Diamond Partners

Education Partner

ACCREDITED. FLEXIBLE. ONLINE.

Mobility Partner Exclusive Media PartnerOutdoor PartnerBug Bounty PartnerStartup Partner Media Partners

Silver Partners Exhibit Partners Supporting Associations

Page 5: Volume 2 | Issue 4 | May 2018 · 2019. 10. 7. · Rahul Arora rahul.arora@eccouncil.org Senior Feature Writer Augustin Kurian ... Education Partner ACCREDITED. FLEXIBLE. ONLINE. Startup

CISO MAG | May 2018 CISO MAG | May 2018

Volume 2 | Issue 4Volume 2 | Issue 4

98 0908

CISO MAG Staff

BUZZ BUZZ

Page 6: Volume 2 | Issue 4 | May 2018 · 2019. 10. 7. · Rahul Arora rahul.arora@eccouncil.org Senior Feature Writer Augustin Kurian ... Education Partner ACCREDITED. FLEXIBLE. ONLINE. Startup

CISO MAG | May 2018 CISO MAG | May 2018

Volume 2 | Issue 4Volume 2 | Issue 4

1 110

Simply put, standard “terms and conditions” phraseology or having users accept data access requests is no longer sufficient. Companies now need to fully inform their users about the usage of the information they are sharing with you. Failure to meet the GDPR guidelines comes with stiff penalties that apply to international organizations whether they are the data controllers or data processors.

“It’s not enough to just connect people. We have to make sure that those connections are

positive. It’s not enough to just give people a voice. We need to make sure that people aren’t using it to harm other people or to spread misinformation. And it’s not enough to just give people control over their information. We need to make sure that the developers they share it with protect their information, too,” said the man who created a platform that started revolutions in countries; helped people find their missing loved ones; transformed vacations, achievements, and celebrations into memorable collages; let people share their opinions; and finally, most recently, let some organization use this kaleidoscope of personal data for manipulation.. Mark Zuckerberg has admitted his grave error, but the harm is already done.

While the United States is debating the issue of data privacy, the EU’s GDPR will go into effect on May 25, 2018. The General Data Protection Regulation is intended to strengthen the European (and Britain) citizen’s control over the privacy of their online data while adding to the accountability of all businesses, especially online.

Replacing 1995 EU Data Protection Directive and UK’s Data Protection Act 1998, the GDPR is expected to reinforce the rights of citizens over their personal data in terms of accessing the information being shared or filing complaints over data abuse. The entire premise of the law is to ensure that any data collected is being utilized for the purpose disclosed to its users at the time of collection.

International undertones of GDPR

According to a survey by PwC that included 300 C-suite executives from US, UK, and Japanese companies with subsidiaries in Europe, the US lead the preparation poll with 22 percent companies claiming to have the finished GDPR set-up. In contrast, only eight percent of the companies surveyed in UK self reported that they were up to snuff. Japan was only at two percent, although they plan to draw level in the coming days with significant investment of funds.

With the GDPR deadline looming, expenditures on GDPR preparation are also on the rise. More than 85 percent companies report spending of more than $1 million, while 40 percent have spent nearly $10 million.

In an interview with CISO MAG, Ardi Kolah, Executive Fellow and Director of the GDPR Transition Programme at Henley Business School, explains the implications of GDPR on international organizations operating within

BUZZ BUZZ

1 110